regexes = {"regex": {"regexesSqlInjection": [{"regex": "select.+(from|limit)", "remarks": "", "score": ""},
{"regex": "(?:(union(.*?)select))", "remarks": "", "score": ""},
{"regex": "group(\\s*)+by(\\s*)", "remarks": "", "score": ""},
{"regex": "order(\\s*)+by(\\s*)", "remarks": "", "score": ""},
{"regex": "waitfor(\\s*)+delay(\\s*)+'\\d", "remarks": "", "score": ""}, {
"regex": "select([\\s\\S]*?)case([\\s\\S]*?)when([\\s\\S]*?)then([\\s\\S]*?)else",
"remarks": "", "score": ""},
{"regex": "convert\\(+(int|char)", "remarks": "", "score": ""},
{"regex": "sleep\\((\\s*)(\\d*)(\\s*)\\)", "remarks": "", "score": ""},
{"regex": "(insert|replace)(\\s*)+into.+values(\\s|)\\(", "remarks": "",
"score": ""},
{"regex": "exec.+(xp_cmdshell|master\\.dbo\\.)", "remarks": "",
"score": ""},
{"regex": "declare.+@.+exec.+@", "remarks": "", "score": ""}],
"regexesSqlInjectionLow": [{"regex": "benchmark\\((.*)\\,(.*)\\) ", "remarks": "", "score": ""},
{"regex": "base64_decode\\(", "remarks": "", "score": ""},
{"regex": "(?:from(\\s*)+information_schema(\\s*))", "remarks": "",
"score": ""},
{"regex": "(?:(?:current_)user|database|schema|connection_id)\\s*\\(",
最低0.47元/天 解锁文章
01-27
3519
3519
09-27
“相关推荐”对你有帮助么?
-
非常没帮助 -
没帮助 -
一般 -
有帮助 -
非常有帮助
提交
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
